We all know how DNSBLs and DNSWLs work for IPv4 addresses, just like rDNS only with A or TXT records rather than PTR.
When I wrote RFC 5782 I assumed the same thing would work for IPv6 addresses. But I was wrong -- the address space is so big that a modestly hostile opponent can use a different IP address for each message, which would cause disastrous cache behavior and equally disastrous amounts of traffic to the DNSBL's servers.

So I came up with an entirely different way to store and query the data in the DNS, which as far as I can tell will have excellent performance and cache behavior, even if bad guys are hopping all over the IP address space. Take a look, tell me if I'm nuts:

http://www.ietf.org/id/draft-levine-iprangepub-00.txt

Regards,
John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
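
The per-address lookup the message refers to, as an added example that is not part of the original e-mail or of the draft: it builds RFC 5782 query names (reversed octets for IPv4, reversed nibbles for IPv6) and counts how many distinct names a resolver cache would have to fetch. The zone `dnsbl.example`, the function names and the sample addresses are assumptions made for illustration.

```python
import ipaddress

ZONE = "dnsbl.example"  # hypothetical DNSBL zone, not a real list


def dnsbl_qname(addr, zone=ZONE):
    """Build the RFC 5782 query name for one address."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        # IPv4: octets in reverse order, as in in-addr.arpa
        labels = reversed(str(ip).split("."))
    else:
        # IPv6: all 32 hex nibbles in reverse order, as in ip6.arpa
        labels = reversed(ip.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone


def cache_misses(addresses, zone=ZONE):
    """Count lookups a cache cannot answer: one per distinct query name."""
    seen = set()
    for addr in addresses:
        seen.add(dnsbl_qname(addr, zone))
    return len(seen)


def one_address_per_message(prefix, messages):
    """Constructed sample: a sender using a new address in `prefix` per message."""
    net = ipaddress.ip_network(prefix)
    return [str(net[1 + i]) for i in range(messages)]


if __name__ == "__main__":
    n = 10000
    fixed_v4 = ["192.0.2.99"] * n                         # constructed sample
    hopping_v6 = one_address_per_message("2001:db8:0:1::/64", n)
    print(dnsbl_qname("192.0.2.99"))
    print(dnsbl_qname("2001:db8::1"))
    print("IPv4, one sending address:", cache_misses(fixed_v4), "uncached lookups")
    print("IPv6, one /64, new address per message:",
          cache_misses(hopping_v6), "uncached lookups")
```

Every message from the /64 produces a query name the cache has never seen, so each one goes through to the DNSBL's servers.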